提交 c43ac97b 编写于 作者: J Jakub Kicinski 提交者: David S. Miller

net: tls: prevent false connection termination with offload

Only decrypt_internal() performs zero copy on rx, all paths
which don't hit decrypt_internal() must set zc to false,
otherwise tls_sw_recvmsg() may return 0 causing the application
to believe that that connection got closed.

Currently this happens with device offload when new record
is first read from.

Fixes: d069b780 ("tls: Fix tls_device receive")
Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: NSimon Horman <simon.horman@netronome.com>
Reported-by: NDavid Beckett <david.beckett@netronome.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 1b704c4a
...@@ -1484,6 +1484,8 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb, ...@@ -1484,6 +1484,8 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
return err; return err;
} }
} else {
*zc = false;
} }
rxm->full_len -= padding_length(ctx, tls_ctx, skb); rxm->full_len -= padding_length(ctx, tls_ctx, skb);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册